MidnightBSD

Advisories for runelite

CVE-2018-1000834 MEDIUM

runelite version <= runelite-parent-1.4.23 contains a XML External Entity (XXE) vulnerability in Man in the middle runscape services call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
runelite runelite *